A recent case in which an employee at Progressive Casualty Insurance wrongfully accessed information on mortgagee sale properties she was interested in buying highlights the dangers posed to corporate security by insiders.
Measuring IT security risk and the effectiveness of corporate defences can be a difficult and somewhat imprecise task. But that shouldn’t be an excuse for not trying to gather such metrics, IT managers said at the annual RSA conference in San Jose, California.
Regulatory requirements and increasing consumer concerns about the exposure of personal information are making the addition of data-level security controls a top priority for ICT managers, according to executives attending the US Computer Security Institute’s annual conference.
A Fort Wayne, Ind.-based orthopedics clinic with more than a dozen facilities in the state has called in the U.S. Federal Bureau of Investigation to investigate a hacking incident that highlights the dangers companies can face from the placement of hidden back doors in their software.
Regulatory compliance should not be the primary driver of corporate information security efforts, according to IT managers speaking at the recent Computer Security Institute conference in Washington.
Regulatory compliance issues and concern over data compromises have brought information security issues to the forefront in corporate boardrooms, according to a panel of IT security managers at the Computer Security Institute.
Microsoft Corp. has issued an out-of-cycle advisory warning users about a newly disclosed denial-of-service vulnerability in Windows 2000 Service Pack 4 and Windows XP Service Pack 1.
The growing use of free internet telephony software from Skype Technologies could soon create the same security challenges posed by other peer-to-peer technologies, say security experts.
As banks turn their attention to stronger authentication technologies in the wake of recent guidance from the US Federal Financial Institutions Examination Council, it’s important that they don’t overlook transaction-level controls, several security experts say.
A Microsoft research effort to detect and analyse websites that host malicious code could allow the company to one day offer enterprises the same capabilities vendors of URL filtering products have been pitching for sometime now.
Officials at Sunbelt Software, a US-based vendor of antispyware tools, said the company stumbled upon a massive ID theft ring that is using a well-known spyware program to break into and systematically steal confidential information from an unknown number of computers worldwide.
Is another Windows exploit on its way?
Villains are targeting specific, 'high value' people, report says
Database company sends legal letter to block information disclosure despite releasing patch
The growing popularity of Mozilla-based Web browsers appears to be attracting the attention of the malicious hacking community.